An empirical evaluation of a language-based security testing technique
CASCON '09 Proceedings of the 2009 Conference of the Center for Advanced Studies on Collaborative Research
Linguistic security testing for text communication protocols
TAIC PART'10 Proceedings of the 5th international academic and industrial conference on Testing - practice and research techniques
Hi-index | 0.00 |
State based protocols are protocols in which the handling of one message depends on the contents of previous messages. Testing such protocols, for security or for other purposes usually means specifying the state space of the protocol in some manner. This paper introduces a novel method of using an existing client to explore the state space. The messages exchanged between the client and test system are captured and mutated. To send the mutated test messages, the previous messages must be resent. Constraints expressed in an extended version of the Semantic Constraint Language are used to automatically derive the data dependencies between the messages.